MAGISK MODULE ❯ Universal SafetyNet Fix 1.1.0

kdrag0n

Senior Member
Feb 19, 2016
571
1,489
133
kdrag0n.dev
Universal SafetyNet Fix
Magisk module​

This is a universal fix for SafetyNet on devices with hardware attestation and unlocked bootloaders. It defeats both hardware attestation and the new SafetyNet CTS profile updates released on January 12, 2021. The only requirement is that you can pass basic attestation, which requires a valid combination of device and model names, build fingerprints, and security patch levels.

Passing basic attestation is mostly out-of-scope for this module; this module is meant to defy hardware attestation, as well as reported "basic" attestation that actually uses hardware under-the-hood. Nonetheless, it features a few basic attempts at helping pass basic attestation on some devices, especially older devices and devices running stock ROMs.

No device-specific features (such as the new Pixel-exclusive Google Assistant design or screen-off voice match) will be lost with this fix.

Android versions 8–11 are supported. Heavy OEM skins are not officially supported, but they may work depending on your luck and the particular ROM in question. Please do not report problems on such ROMs.

How does it work?
The way this workaround works is relatively low-level. An in-depth explanation, as well as source code and ROM changes, can be found on GitHub.

Ideally, this workaround should be incorporated in ROMs instead of overriding part of the ROM in a Magisk module. The ROM changes for it are linked above for ROM developers to use.

Downloads
Downloads and changelogs can be found on GitHub. The topmost release is the latest.

Telegram group
Source code

If this helped you, please consider donating to support development: recurring donation for sustainable support or buy me a coffee. Thank you for your support!
 
Last edited:

tylerdurden

Senior Member
Oct 13, 2010
301
643
133
Hamburg
Tested succesfully on Pixel 4a 5G, but Google Pay says "Your phone doesn't meet security requirements" even though PayPal can be set up.
Magisk Hide is activated.
 

zgfg

Senior Member
Oct 10, 2016
4,836
2,146
233
Thank you a lot, Universal SafetyNet Fix v1.1.0 working excellent on Xiaomi Mi 9T, Xiaomi.eu 21.1.6, MIUI 12.5 / Android 11 Beta

Device certified but not using Google Pay
 
Last edited:

thomas140

Senior Member
Jul 3, 2018
641
139
43
Johor
Safety net fix 1.0.2 worked for miui Eu 12.0.3.0 Android 10 for Poco F1.
Only that the ocbc bank Singapore app still able to detect the root and became unusable.
But I know that this doesn't relate to safetynet fix here because the issue already existed before the CTS false.
 

MoL_82

Senior Member
Aug 16, 2019
73
16
8
Tested on Samsung S9:
- 1.0.2 worked in MM, but Root Checker said 'cannot access GPS'.
- 1.1.0 fails ctsProfile in MM, but Root Checker now can access GPS, also returns ctsProfile fail.
 

shchukax

Member
Jun 12, 2019
6
4
3
Massive thanks for this. Version 1.1.0 confirmed working on my device:
- Pixel 3, stock room
- Magisk 21.2, magisk manager 8.0.5
- Magisk hide enabled and magisk manager renamed

All banking apps and google pay work correctly, including contactless payments.
 
  • Like
Reactions: powerful111

Drahy

Senior Member
Apr 27, 2012
459
63
48
I tried this on my Samsung Galaxy A6 (official samsung firmware patched with magisk) - and even version 1.1.0 causes bootloop when using zip inside Magisk Manager - Android 10
 

Antonio200

Member
Nov 26, 2020
9
0
1
Good morning. Working on Redmi Note 9 Pro xiaomi.eu 12.0.1 Android 10. No MagiskHide Props Config needed: basicIntegrity passed, ctsProfile passed, evalType BASIC.
Thank you so much
 
Last edited:

purgy

Senior Member
Aug 29, 2013
67
10
28
Sydney
Works on pixel 3a, last A10 patch, using magisk hide props config to force basic attestation. Was already using mhpc so not sure if it works without it. Fixed my CTS issue though, so thanks!
 

dr4go

Senior Member
Dec 17, 2010
398
343
83
Vienna
@kdrag0n Thank you so much for this awesome masterpiece!

I find it a bit interesting, that I experience a problem which nobody else seems to have reported so far. I'm using a Galaxy S10 (Exynos, G973F), rooted with latest canary Magisk, no EdXposed or whatsoever...

If I enable this module, no bootloop, basic attestation, CTS passes. "Yes", so I thought...

The problem now... My bank app tries to access the keystore and crashes. This does not happen without having this module enabled... I have attached a fully logcat and hope that you have some insights... 🙏🏻

EDIT1: re-attached file, didn't work on the first go.

EDIT2: oh... search for "easybank" or "keystore"

EDIT3: Android 11, One UI 3
 

Attachments

Last edited:

BenDavid

Member
Sep 29, 2016
25
7
3
POCO F1 user here. After flashing the module the phone stucks on the Google logo at boot.
The MHPC module didn't solve the problem either.

ROM: Pixel Experience 11 Beta (20201223)/Encrypted